Greetings! 

I am coming from a Dell laptop that is about two years old. I had some HW issues with it, so my company bought me a brand new Lenovo L14 Gen 5 with Windows 11 Pro directly from the factory. On the advice from my IT department, I installed the same version of the Endpoint Security client E82.40 that is on my old Dell laptop. I set up the VPN parameters the same. I am connected to the same docking station as the Dell that uses the same Etherenet Realtek chipset and driver. Here is what happens when I try to connect:

1. Start ping -t session to Google DNS

2. Enter my credentials

3. The VPN bubble shows the connection was successful. The lock icon indicator turns green. 

4. Ping starts showing time-outs

5. after about 5 seconds, the lock icon indicator starts to spin

6. My network device switches from Ethernet to Wifi and connects to my AP. Ping is still showing drops. 

7. The Check Point Virtual Adapter shows Disconnected. The Realtek Ethernet adapter shows Disconnected. Wifi shows connected, but no traffic is flowing. Eventually, the Windows network adapter indicator shows no Internet. 

Now here is the interesting part:

8. If I disable the Realtek Ethernet adapter and then re-enable it (bouncing it) the tunnel comes up. Ping starts responding with the normally high response times, indicating traffic is now routed to the VPN server, and the internet comes back. 

9. If I disconnect from the VPN, the same thing happens - Lose the internet completely. If I bounce the Ethernet device, my internet comes back to normal. 

So... I uninstalled the client, rebooted, and then installed the most current client build E88.60.

Also tried the onboard Intel Ethernet port and the Wifi Port. Same issue.

Re-tried my old Dell, and works perfectly, so it is not my network. 

I compared the Windows services between the two laptops and it all matches.

I tried booting into Windows Safemode to test, but the Check Point services are blocked in Safemode.

Nothing looks obvious in the logs:

[12 Sep 17:03:15] Client state is idle
[12 Sep 17:03:15] received network OUT event while state is idle. no action
[12 Sep 17:03:22] Client state is idle
[12 Sep 17:03:22] received network OUT event while state is idle. no action
[12 Sep 17:03:29] Connect initiated by user
[12 Sep 17:03:29] Client state is idle
[12 Sep 17:03:29] User pressed connect
[12 Sep 17:03:29] Creating primary conn flow to <DELETED>-CLUSTER (1)
[12 Sep 17:03:30] Transport is auto detect
[12 Sep 17:03:30] Sent ClientHello
[12 Sep 17:03:31] No need to upgrade client, client version is 986105801 
[12 Sep 17:03:46] Starting new connection (1)
[12 Sep 17:03:50] No need to download topology
[12 Sep 17:03:50] No need to upgrade client, client version is 986105801 
[12 Sep 17:03:50] no need executing firewall step
[12 Sep 17:03:50] no need executing scv step
[12 Sep 17:03:50] Office mode IP was set successfully
[12 Sep 17:03:53] OM started successfully with IP = 172.16.XXX.XXX.
[12 Sep 17:03:53] Client state is connecting
[12 Sep 17:03:53] Connection was successfully established (1)
[12 Sep 17:04:13] No reply from the gw ip=10.XXX.XXX.254 for tunnel test packet. Office Mode IP=172.16.XXX.XXX, source port=18002.
[12 Sep 17:04:15] No reply from the gw ip=10.XXX.XXX.254 for tunnel test packet. Office Mode IP=172.16.XXX.XXX, source port=18003.
[12 Sep 17:04:17] No reply from the gw ip=10.XXX.XXX.254 for tunnel test packet. Office Mode IP=172.16.XXX.XXX, source port=18004.
[12 Sep 17:04:19] No reply from the gw ip=10.XXX.XXX.254 for tunnel test packet. Office Mode IP=172.16.XXX.XXX, source port=18005.
[12 Sep 17:04:21] No reply from the gw ip=10.XXX.XXX.254 for tunnel test packet. Office Mode IP=172.16.XXX.XXX, source port=18006.
[12 Sep 17:04:23] No reply from the gw ip=10.XXX.XXX.254 for tunnel test packet. Office Mode IP=172.16.XXX.XXX, source port=18007.
[12 Sep 17:04:25] No reply from the gw ip=10.XXX.XXX.254 for tunnel test packet. Office Mode IP=172.16.XXX.XXX, source port=18008.
[12 Sep 17:04:28] No reply from the gw ip=10.XXX.XXX.254 for tunnel test packet. Office Mode IP=172.16.XXX.XXX, source port=18009.

[12 Sep 17:04:30] No reply from the gw ip=10.XXX.XXX.254 for tunnel test packet. Office Mode IP=172.16.xxx.xxx, source port=18010.
[12 Sep 17:04:31] IKE tunnel disconnected, error code=-1000. Reason: Site is not responding.
[12 Sep 17:04:31] Client state is connected
[12 Sep 17:04:31] Tunnel (1) disconnected. State is connected. Trying to reconnect.
[12 Sep 17:05:11] IKE connection failed, error code=-1000. Reason: Site is not responding.

<I Bounced the NIC HERE>

[12 Sep 17:05:12] Client state is reconnecting
[12 Sep 17:05:12] Reconnect failed. trying again (1)
[12 Sep 17:05:19] Client state is reconnecting
[12 Sep 17:05:19] Reconnect finished successfully (1)
[12 Sep 17:05:20] Client state is connected
[12 Sep 17:05:20] Interface change - location is OUT, state connected, reconnecting tunnel
[12 Sep 17:05:28] Client state is reconnecting
[12 Sep 17:05:28] Interface change - location is OUT, trying to reconnect
[12 Sep 17:05:49] Client state is reconnecting
[12 Sep 17:05:49] Reconnect finished successfully (1)

Anybody have any ideas? Is my laptop too new to work properly with the most current client?